Category FILE
Started On 2014-06-30 04:00:07
Completed On 2014-06-30 04:02:02
Duration 115 seconds
Cuckoo Version 1.2-dev

Machine machine4
Label xpmachine4
Manager VirtualBox
Started On 2014-06-30 04:00:08
Shutdown On 2014-06-30 04:02:02

File Details

File name order_id_783624782367842367846238751111.exe
File size 114176 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
CRC32 B6DCB24D
MD5 c31f54bb78d5b1469b9b1aee691ff8e3
SHA1 52af4ce410897bd2faaa226a86c8a9c870858c52
SHA256 a73e33e0f693bc834ba28bea1d4528f596b37991a02b8ca061f704496c3efe67
SHA512 d42574a42417000c80e00cf5f27c030cad3d62a8c817684874151d57d23a31f8b6617c9cc08b6e9334ce0f878dc1b47962f57474e3983ed64ab0efc0cc85d47e
Ssdeep None
PEiD None matched
Yara None matched
VirusTotal File not found on VirusTotal

Signatures

Installs itself for autorun at Windows startup

Screenshots

Static Analysis

Version Infos

Sections

Imports

Strings

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

Behavior Summary

Files
  • C:\
Mutexes Nothing to display.
Registry Keys
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Disk\Enum
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall

Processes

order_id_783624782367842367846238751111.exe PID: 968, Parent PID: 1788

Volatility

Nothing to display.